Embed Size (px)
DESCRIPTION
X-Ways Security: Permanent Erasure. Supervised By: Dr. Lo’ai Tawalbeh Prepared By : Murad M. Ali. Permanent Erasure (Shredding). File Shredding or File Wiping is the act of deleting a computer file securely, so that it cannot be restored by any means. - PowerPoint PPT Presentation
Citation preview
11
X-Ways Security: X-Ways Security: Permanent Erasure Permanent Erasure
Supervised By: Dr. Lo’ai Tawalbeh
Prepared By :Murad M. Ali
2
Permanent Erasure (Shredding) File Shredding or File Wiping is the act of
deleting a computer file securely, so that it cannot be restored by any means.
This is done either using file shredder software, or by issuing a "secure delete" command, as opposed to a "delete" command from the operating system.
File shredding usually involves overwriting a file
multiple times.
3
Deleting When most computers delete a file, they do not
actually remove the contents of the file. Instead, they simply unlink the file from the file directory system, leaving the contents of the file in the disk sectors.
These data will remain there until the operating system reuses those sectors to write new data. Until the old data are overwritten (and this may take months or longer), it can be recovered by programs that read disk sectors directly, such as forensic software (so called because it is used to obtain evidence in criminal investigations and also in legal discovery).
4
Purpose of Deleting Data
The reasons for deleting data:
Need more disk space Removing duplicate or unnecessary data Removing sensitive information from
others
5
Storing Data To delete data safely from a disk, it helps to
understand how it gets there in the first place. The heart of a hard-disk is the platter, a set of highly polished plates, split into smaller parts called sectors.
Data is stored on the disk magnetically, so you don't lose everything when you shut down the power. A read/write head, which looks like the arm of a record player, moves over the disk and writes information onto each platter. Every time data is written to the disk, a record is kept of the part of the platter on which it has been stored.
6
Storing Data
7
Recycle Bin provides a safety net when deleting files or
folders. When you delete any of these items from your hard disk, Windows places it in the Recycle Bin and the Recycle Bin icon changes from empty to full.
Items in the Recycle Bin remain there until you decide to permanently delete them from your computer. These items still take up hard disk space and can be undeleted or restored back to their original location. When it fills up, Windows automatically cleans out enough space in the Recycle Bin to accommodate the most recently deleted files and folders.
8
Recycle Bin If you're running low on hard disk space,
always remember to empty the Recycle Bin. You can also restrict the size of the Recycle Bin to limit the amount of hard disk space it takes up.
Windows allocates one Recycle Bin for each partition or hard disk. If your hard disk is partitioned, or if you have more than one hard disk in your computer, you can specify a different size for each Recycle Bin.
9
Accidental Removing
The common problem with deleting files is accidental removal of information that later proves to be important. One way to deal with this is to backup files regularly.
Another strategy is to move files to a temporary place where they are kept until one is really low on free space. This is how the "recycle bin" in Microsoft Windows and the "trash folder" in Mac OS work.
Under Unix in order to delete a file, you must usually have write permission to the parent directory of that file.
10
Reasons of Use File wiping is useful for confidentiality, because
files are not entirely deleted using the operating system's default delete function. Typically, standard delete functions consist of marking the space occupied by the file as free and updating file system metadata structures, leaving the actual file contents intact on the physical medium. If the file system continues to be used, eventually this space will be assigned to other files and overwritten. However, if the file system has not been used intensively since the file was deleted, recovery or forensic tools have a good likelihood of retrieving deleted data in part or in whole by accessing the medium.
11
Reasons of Use
Some research in the field of magnetic storage media has indicated that it is theoretically possible to recover information from magnetic disks even after an overwrite, using hardware methods. File wiping with multiple overwrite passes was devised as an attempt to defeat such methods.
12
How It Work
File Wipe programs work not only by unlinking a file but also specifically overwriting them with garbage data. For very high security installations, overwriting the file several times is advised. Many government institutions have specific protocols for file deletion. For instance, the U.S. Department of Defense (DoD) specification 5220.22 standard says a file must be overwritten three times.
Wiping a file takes a considerably longer amount of time than just deleting it.
13
How It Work Besides destroying file's contents, some file
wiping software also makes an attempt to ensure that, once wiping has been performed, no information about the file is left in the file system's metadata, such as directory entries.
FAT file system, for example, only replaces the first character of the filename in the corresponding directory entry, when a file is removed. This may be a problem if the user doesn't want to leave traces, such as partial file name and, possibly, creation and modification dates on the physical medium.
The solution to this problem is to wipe deleted entries in the directory containing the file after wiping the file itself.
14
Permanente Erasing Tools If you wants to be absolutely sure that the file
is not recoverable by any means, a suggested approach is to burn the hard drive.
Another approach is to destroy the media with acid.
Although using file shredder software is sufficient to ensure that the data can't be recovered using commercially available tools by either the next owner of the computer, or by someone who has stolen the computer or the hard disk.
15
Software Tools
X-Ways Security.
File Shredder.
East-Tec Eraser.
Permanent Data Wiper.
Blancco.
16
X-Ways Security
X-Ways Security is a hard drive cleansing solution.
To maximize security, X-Ways Security offers
up to 9 fully configurable overwrite passes and the U.S. Department of Defense (DoD) standard for hard drive sanitization as specified in the 5220.22-M operating manual.
17
X-Ways Security Delete selected confidential files securely,
such that they are not recoverable. Wipe free drive space and clear slack space, to
get rid of sensitive data from deleted files. temporary files.
Clean formerly used NTFS file records, which contain filenames and other data
Erase logical drives or entire physical disks completely and irreversibly, e.g. to produce forensically clean target media or to sanitize media before re-use in a different environment of before donating.
18
References
http://en.wikipedia.org http://www.x-way.net http://www.microsoft.com http://www.tech-faq.com
19
